Hello community, here is the log from the commit of package python-acme for openSUSE:Factory checked in at 2019-02-11 21:26:14 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-acme (Old) and /work/SRC/openSUSE:Factory/.python-acme.new.28833 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-acme" Mon Feb 11 21:26:14 2019 rev:27 rq:673115 version:0.31.0 Changes: -------- --- /work/SRC/openSUSE:Factory/python-acme/python-acme.changes 2019-02-02 21:48:48.980003321 +0100 +++ /work/SRC/openSUSE:Factory/.python-acme.new.28833/python-acme.changes 2019-02-11 21:26:17.327051369 +0100 @@ -1,0 +2,15 @@ +Fri Feb 8 10:27:51 UTC 2019 - Marketa Calabkova <mcalabk...@suse.com> + +- update to 0.31.0 + * Support for initiating (but not solving end-to-end) TLS-ALPN-01 + challenges with the acme module. + * Fixed accessing josepy contents through acme.jose when the full + acme.jose path is used. + * Added the update_account subcommand for account management commands. + +------------------------------------------------------------------- +Tue Jan 29 12:02:18 UTC 2019 - Tomáš Chvátal <tchva...@suse.com> + +- Drop pytest-xdist dependency as it is not really needed + +------------------------------------------------------------------- Old: ---- acme-0.30.2.tar.gz acme-0.30.2.tar.gz.asc New: ---- acme-0.31.0.tar.gz acme-0.31.0.tar.gz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-acme.spec ++++++ --- /var/tmp/diff_new_pack.QQH9Fg/_old 2019-02-11 21:26:18.223050886 +0100 +++ /var/tmp/diff_new_pack.QQH9Fg/_new 2019-02-11 21:26:18.239050877 +0100 @@ -19,7 +19,7 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} %define libname acme Name: python-%{libname} -Version: 0.30.2 +Version: 0.31.0 Release: 0 Summary: Python library for the ACME protocol License: Apache-2.0 @@ -34,7 +34,6 @@ BuildRequires: %{python_module mock} BuildRequires: %{python_module pyOpenSSL >= 0.13} BuildRequires: %{python_module pyRFC3339} -BuildRequires: %{python_module pytest-xdist} BuildRequires: %{python_module pytest} BuildRequires: %{python_module pytz} BuildRequires: %{python_module requests >= 2.4.1} ++++++ acme-0.30.2.tar.gz -> acme-0.31.0.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/PKG-INFO new/acme-0.31.0/PKG-INFO --- old/acme-0.30.2/PKG-INFO 2019-01-25 21:15:55.000000000 +0100 +++ new/acme-0.31.0/PKG-INFO 2019-02-07 22:20:40.000000000 +0100 @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: acme -Version: 0.30.2 +Version: 0.31.0 Summary: ACME protocol implementation in Python Home-page: https://github.com/letsencrypt/letsencrypt Author: Certbot Project diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/acme/__init__.py new/acme-0.31.0/acme/__init__.py --- old/acme-0.30.2/acme/__init__.py 2019-01-25 21:15:41.000000000 +0100 +++ new/acme-0.31.0/acme/__init__.py 2019-02-07 22:20:29.000000000 +0100 @@ -1,25 +1,20 @@ """ACME protocol implementation. -This module is an implementation of the `ACME protocol`_. Latest -supported version: `draft-ietf-acme-01`_. - +This module is an implementation of the `ACME protocol`_. .. _`ACME protocol`: https://ietf-wg-acme.github.io/acme -.. _`draft-ietf-acme-01`: - https://github.com/ietf-wg-acme/acme/tree/draft-ietf-acme-acme-01 - """ import sys -import josepy - # This code exists to keep backwards compatibility with people using acme.jose # before it became the standalone josepy package. # # It is based on # https://github.com/requests/requests/blob/1278ecdf71a312dc2268f3bfc0aabfab3c006dcf/requests/packages.py +import josepy as jose + for mod in list(sys.modules): # This traversal is apparently necessary such that the identities are # preserved (acme.jose.* is josepy.*) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/acme/challenges.py new/acme-0.31.0/acme/challenges.py --- old/acme-0.30.2/acme/challenges.py 2019-01-25 21:15:41.000000000 +0100 +++ new/acme-0.31.0/acme/challenges.py 2019-02-07 22:20:29.000000000 +0100 @@ -513,6 +513,17 @@ return self.response(account_key).gen_cert(key=kwargs.get('cert_key')) +@ChallengeResponse.register +class TLSALPN01Response(KeyAuthorizationChallengeResponse): + """ACME TLS-ALPN-01 challenge response. + + This class only allows initiating a TLS-ALPN-01 challenge returned from the + CA. Full support for responding to TLS-ALPN-01 challenges by generating and + serving the expected response certificate is not currently provided. + """ + typ = "tls-alpn-01" + + @Challenge.register # pylint: disable=too-many-ancestors class TLSALPN01(KeyAuthorizationChallenge): """ACME tls-alpn-01 challenge. @@ -522,6 +533,7 @@ """ typ = "tls-alpn-01" + response_cls = TLSALPN01Response def validation(self, account_key, **kwargs): """Generate validation for the challenge.""" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/acme/challenges_test.py new/acme-0.31.0/acme/challenges_test.py --- old/acme-0.30.2/acme/challenges_test.py 2019-01-25 21:15:41.000000000 +0100 +++ new/acme-0.31.0/acme/challenges_test.py 2019-02-07 22:20:29.000000000 +0100 @@ -402,6 +402,33 @@ KEY, cert_key=mock.sentinel.cert_key)) mock_gen_cert.assert_called_once_with(key=mock.sentinel.cert_key) +class TLSALPN01ResponseTest(unittest.TestCase): + # pylint: disable=too-many-instance-attributes + + def setUp(self): + from acme.challenges import TLSALPN01Response + self.msg = TLSALPN01Response(key_authorization=u'foo') + self.jmsg = { + 'resource': 'challenge', + 'type': 'tls-alpn-01', + 'keyAuthorization': u'foo', + } + + from acme.challenges import TLSALPN01 + self.chall = TLSALPN01(token=(b'x' * 16)) + self.response = self.chall.response(KEY) + + def test_to_partial_json(self): + self.assertEqual(self.jmsg, self.msg.to_partial_json()) + + def test_from_json(self): + from acme.challenges import TLSALPN01Response + self.assertEqual(self.msg, TLSALPN01Response.from_json(self.jmsg)) + + def test_from_json_hashable(self): + from acme.challenges import TLSALPN01Response + hash(TLSALPN01Response.from_json(self.jmsg)) + class TLSALPN01Test(unittest.TestCase): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/acme/client_test.py new/acme-0.31.0/acme/client_test.py --- old/acme-0.30.2/acme/client_test.py 2019-01-25 21:15:41.000000000 +0100 +++ new/acme-0.31.0/acme/client_test.py 2019-02-07 22:20:29.000000000 +0100 @@ -707,6 +707,7 @@ self.certr, self.rsn) + class ClientV2Test(ClientTestBase): """Tests for acme.client.ClientV2.""" @@ -950,7 +951,6 @@ self.assertEqual(jws.signature.combined.kid, u'acct-uri') self.assertEqual(jws.signature.combined.url, u'url') - def test_check_response_not_ok_jobj_no_error(self): self.response.ok = False self.response.json.return_value = {} @@ -1113,8 +1113,8 @@ # Requests Library Exceptions except requests.exceptions.ConnectionError as z: #pragma: no cover - self.assertTrue("('Connection aborted.', error(111, 'Connection refused'))" - == str(z) or "[WinError 10061]" in str(z)) + self.assertTrue("'Connection aborted.'" in str(z) or "[WinError 10061]" in str(z)) + class ClientNetworkWithMockedResponseTest(unittest.TestCase): """Tests for acme.client.ClientNetwork which mock out response.""" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/acme/jose_test.py new/acme-0.31.0/acme/jose_test.py --- old/acme-0.30.2/acme/jose_test.py 2019-01-25 21:15:41.000000000 +0100 +++ new/acme-0.31.0/acme/jose_test.py 2019-02-07 22:20:29.000000000 +0100 @@ -12,11 +12,21 @@ else: acme_jose_path = 'acme.jose' josepy_path = 'josepy' - acme_jose = importlib.import_module(acme_jose_path) - josepy = importlib.import_module(josepy_path) + acme_jose_mod = importlib.import_module(acme_jose_path) + josepy_mod = importlib.import_module(josepy_path) - self.assertIs(acme_jose, josepy) - self.assertIs(getattr(acme_jose, attribute), getattr(josepy, attribute)) + self.assertIs(acme_jose_mod, josepy_mod) + self.assertIs(getattr(acme_jose_mod, attribute), getattr(josepy_mod, attribute)) + + # We use the imports below with eval, but pylint doesn't + # understand that. + # pylint: disable=eval-used,unused-variable + import acme + import josepy + acme_jose_mod = eval(acme_jose_path) + josepy_mod = eval(josepy_path) + self.assertIs(acme_jose_mod, josepy_mod) + self.assertIs(getattr(acme_jose_mod, attribute), getattr(josepy_mod, attribute)) def test_top_level(self): self._test_it('', 'RS512') diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/acme/messages.py new/acme-0.31.0/acme/messages.py --- old/acme-0.30.2/acme/messages.py 2019-01-25 21:15:41.000000000 +0100 +++ new/acme-0.31.0/acme/messages.py 2019-02-07 22:20:29.000000000 +0100 @@ -1,7 +1,10 @@ """ACME protocol messages.""" -import collections import six import json +try: + from collections.abc import Hashable # pylint: disable=no-name-in-module +except ImportError: + from collections import Hashable import josepy as jose @@ -107,7 +110,7 @@ if part is not None).decode() -class _Constant(jose.JSONDeSerializable, collections.Hashable): # type: ignore +class _Constant(jose.JSONDeSerializable, Hashable): # type: ignore """ACME constant.""" __slots__ = ('name',) POSSIBLE_NAMES = NotImplemented diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/acme.egg-info/PKG-INFO new/acme-0.31.0/acme.egg-info/PKG-INFO --- old/acme-0.30.2/acme.egg-info/PKG-INFO 2019-01-25 21:15:55.000000000 +0100 +++ new/acme-0.31.0/acme.egg-info/PKG-INFO 2019-02-07 22:20:40.000000000 +0100 @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: acme -Version: 0.30.2 +Version: 0.31.0 Summary: ACME protocol implementation in Python Home-page: https://github.com/letsencrypt/letsencrypt Author: Certbot Project diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/acme.egg-info/SOURCES.txt new/acme-0.31.0/acme.egg-info/SOURCES.txt --- old/acme-0.30.2/acme.egg-info/SOURCES.txt 2019-01-25 21:15:55.000000000 +0100 +++ new/acme-0.31.0/acme.egg-info/SOURCES.txt 2019-02-07 22:20:40.000000000 +0100 @@ -70,7 +70,6 @@ docs/api/messages.rst docs/api/standalone.rst docs/man/jws.rst -examples/example_client.py examples/standalone/README examples/standalone/localhost/cert.pem examples/standalone/localhost/key.pem \ No newline at end of file diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/acme.egg-info/requires.txt new/acme-0.31.0/acme.egg-info/requires.txt --- old/acme-0.30.2/acme.egg-info/requires.txt 2019-01-25 21:15:55.000000000 +0100 +++ new/acme-0.31.0/acme.egg-info/requires.txt 2019-02-07 22:20:40.000000000 +0100 @@ -1,10 +1,10 @@ -cryptography>=0.8 +cryptography>=1.2.3 josepy>=1.0.0 mock -PyOpenSSL>=0.13 +PyOpenSSL>=0.13.1 pyrfc3339 pytz -requests[security]>=2.4.1 +requests[security]>=2.6.0 requests-toolbelt>=0.3.0 setuptools six>=1.9.0 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/docs/index.rst new/acme-0.31.0/docs/index.rst --- old/acme-0.30.2/docs/index.rst 2019-01-25 21:15:41.000000000 +0100 +++ new/acme-0.31.0/docs/index.rst 2019-02-07 22:20:29.000000000 +0100 @@ -16,13 +16,6 @@ .. automodule:: acme :members: - -Example client: - -.. include:: ../examples/example_client.py - :code: python - - Indices and tables ================== diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/examples/example_client.py new/acme-0.31.0/examples/example_client.py --- old/acme-0.30.2/examples/example_client.py 2019-01-25 21:15:41.000000000 +0100 +++ new/acme-0.31.0/examples/example_client.py 1970-01-01 01:00:00.000000000 +0100 @@ -1,47 +0,0 @@ -"""Example script showing how to use acme client API.""" -import logging -import os -import pkg_resources - -from cryptography.hazmat.backends import default_backend -from cryptography.hazmat.primitives.asymmetric import rsa -import josepy as jose -import OpenSSL - -from acme import client -from acme import messages - - -logging.basicConfig(level=logging.DEBUG) - - -DIRECTORY_URL = 'https://acme-staging.api.letsencrypt.org/directory' -BITS = 2048 # minimum for Boulder -DOMAIN = 'example1.com' # example.com is ignored by Boulder - -# generate_private_key requires cryptography>=0.5 -key = jose.JWKRSA(key=rsa.generate_private_key( - public_exponent=65537, - key_size=BITS, - backend=default_backend())) -acme = client.Client(DIRECTORY_URL, key) - -regr = acme.register() -logging.info('Auto-accepting TOS: %s', regr.terms_of_service) -acme.agree_to_tos(regr) -logging.debug(regr) - -authzr = acme.request_challenges( - identifier=messages.Identifier(typ=messages.IDENTIFIER_FQDN, value=DOMAIN)) -logging.debug(authzr) - -authzr, authzr_response = acme.poll(authzr) - -csr = OpenSSL.crypto.load_certificate_request( - OpenSSL.crypto.FILETYPE_ASN1, pkg_resources.resource_string( - 'acme', os.path.join('testdata', 'csr.der'))) -try: - acme.request_issuance(jose.util.ComparableX509(csr), (authzr,)) -except messages.Error as error: - print ("This script is doomed to fail as no authorization " - "challenges are ever solved. Error from server: {0}".format(error)) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acme-0.30.2/setup.py new/acme-0.31.0/setup.py --- old/acme-0.30.2/setup.py 2019-01-25 21:15:42.000000000 +0100 +++ new/acme-0.31.0/setup.py 2019-02-07 22:20:31.000000000 +0100 @@ -3,21 +3,21 @@ from setuptools.command.test import test as TestCommand import sys -version = '0.30.2' +version = '0.31.0' # Please update tox.ini when modifying dependency version requirements install_requires = [ # load_pem_private/public_key (>=0.6) # rsa_recover_prime_factors (>=0.8) - 'cryptography>=0.8', + 'cryptography>=1.2.3', # formerly known as acme.jose: 'josepy>=1.0.0', # Connection.set_tlsext_host_name (>=0.13) 'mock', - 'PyOpenSSL>=0.13', + 'PyOpenSSL>=0.13.1', 'pyrfc3339', 'pytz', - 'requests[security]>=2.4.1', # security extras added in 2.4.1 + 'requests[security]>=2.6.0', # security extras added in 2.4.1 'requests-toolbelt>=0.3.0', 'setuptools', 'six>=1.9.0', # needed for python_2_unicode_compatible